import { config } from '../../src/config.js' import { server, setup, shutdown } from '../../src/index.js' import { generateKeyPairSync } from 'crypto' import { existsSync, writeFileSync } from 'fs' beforeAll(() => { if(!existsSync(config.signing.private)) { const { publicKey, privateKey } = generateKeyPairSync('rsa', { modulusLength: 4096, publicKeyEncoding: { type: "pkcs1", format: "pem" }, privateKeyEncoding: { type: "pkcs1", format: "pem" } }) writeFileSync('public.pem', publicKey) writeFileSync('private.key', privateKey) } if(process.env['CI']) { config.database.url = 'mongodb://setup-database:27017/yggdrasil?readPreference=primary&appname=MongoDB%20Compass&directConnection=true&ssl=false' } return setup() }) const login = async () => { const { accessToken, clientToken, selectedProfile, user } = JSON.parse((await server.inject({ method: 'POST', url: '/authserver/authenticate', headers: { 'Content-Type': 'application/json' }, payload: { username: 'i@lama.icu', password: '123456', clientToken: 'UNIT_TEST', requestUser: true, agent: { name: 'minecraft', version: 1 } } })).body) return { accessToken, clientToken, selectedProfile, user } } test('/authserver/authenticate', async function() { const response = await server.inject({ method: 'POST', url: '/authserver/authenticate', headers: { 'Content-Type': 'application/json' }, payload: { username: 'i@lama.icu', password: '123456', clientToken: 'UNIT_TEST', requestUser: true, agent: { name: 'minecraft', version: 1 } } }) expect(response.statusCode).toBe(200) }) test('/authserver/refresh', async function() { const credentals = await login() const refresh1 = await server.inject({ method: 'POST', url: '/authserver/refresh', headers: { 'Content-Type': 'application/json' }, payload: { accessToken: credentals.accessToken, clientToken: credentals.clientToken, } }) const newToken = JSON.parse(refresh1.body).accessToken expect(refresh1.statusCode).toBe(200) const refresh2 = await server.inject({ method: 'POST', url: '/authserver/refresh', headers: { 'Content-Type': 'application/json' }, payload: { accessToken: credentals.accessToken, clientToken: credentals.clientToken, } }) expect(refresh2.statusCode).toBe(401) const refresh3 = await server.inject({ method: 'POST', url: '/authserver/refresh', headers: { 'Content-Type': 'application/json' }, payload: { accessToken: credentals.accessToken, clientToken: Math.random() + "", } }) expect(refresh3.statusCode).toBe(401) const refresh4 = await server.inject({ method: 'POST', url: '/authserver/refresh', headers: { 'Content-Type': 'application/json' }, payload: { accessToken: newToken, } }) expect(refresh4.statusCode).toBe(200) }) test('/authserver/validate', async function() { const credentals = await login() const validate1 = await server.inject({ method: 'POST', url: '/authserver/validate', headers: { 'Content-Type': 'application/json' }, payload: { accessToken: credentals.accessToken, clientToken: credentals.clientToken, } }) expect(validate1.statusCode).toBe(204) const validate2 = await server.inject({ method: 'POST', url: '/authserver/validate', headers: { 'Content-Type': 'application/json' }, payload: { accessToken: credentals.accessToken, clientToken: credentals.clientToken + "hjfidhsw", } }) expect(validate2.statusCode).toBe(401) const validate3 = await server.inject({ method: 'POST', url: '/authserver/validate', headers: { 'Content-Type': 'application/json' }, payload: { accessToken: credentals.accessToken + "hjfidhsw", clientToken: credentals.clientToken, } }) expect(validate3.statusCode).toBe(401) const validate4 = await server.inject({ method: 'POST', url: '/authserver/validate', headers: { 'Content-Type': 'application/json' }, payload: { accessToken: credentals.accessToken, } }) expect(validate4.statusCode).toBe(204) }) test('/authserver/invalidate', async function() { let credentals = await login() const invalidate1 = await server.inject({ method: 'POST', url: '/authserver/invalidate', headers: { 'Content-Type': 'application/json' }, payload: { accessToken: credentals.accessToken, clientToken: credentals.clientToken, } }) expect(invalidate1.statusCode).toBe(204) const credentals2 = await login() const invalidate2 = await server.inject({ method: 'POST', url: '/authserver/validate', headers: { 'Content-Type': 'application/json' }, payload: { accessToken: credentals2.accessToken, clientToken: credentals2.clientToken + "hjfidhsw", } }) expect(invalidate2.statusCode).toBe(401) const validate = await server.inject({ method: 'POST', url: '/authserver/validate', headers: { 'Content-Type': 'application/json' }, payload: { accessToken: credentals.accessToken, clientToken: credentals.clientToken, } }) expect(validate.statusCode).toBe(401) }) test('/authserver/signout', async function() { const credentals1 = await login() const credentals2 = await login() const signout = await server.inject({ method: 'POST', url: '/authserver/signout', headers: { 'Content-Type': 'application/json' }, payload: { username: 'i@lama.icu', password: '123456', } }) expect(signout.statusCode).toBe(204) const validate1 = await server.inject({ method: 'POST', url: '/authserver/validate', headers: { 'Content-Type': 'application/json' }, payload: { accessToken: credentals1.accessToken, clientToken: credentals1.clientToken, } }) const validate2 = await server.inject({ method: 'POST', url: '/authserver/validate', headers: { 'Content-Type': 'application/json' }, payload: { accessToken: credentals2.accessToken, clientToken: credentals2.clientToken, } }) expect(validate1.statusCode).toBe(401) expect(validate2.statusCode).toBe(401) }) afterAll(() => { return shutdown() })